Jon Gordon is a partner in the New York office of Haug Partners LLP, an intellectual property law firm formerly known as Frommer Lawrence & Haug LLP, where he specializes in prosecuting patents related to computers, networks, telecommunications, medical information systems, financial applications, and blockchains. He’s written an article for Legaltech News on the patenting of blockchain technology, and more recently, moderated a panel titled “Explore Strategic Approach to Protect AI Technology.” Mr. Gordon is a member of the American Intellectual Property Law Association, the Association for Computing Machinery, the Institute for Electrical & Electronic Engineers, the IEEE Computer Society, the New York Intellectual Property Law Association, and the New York State Bar Association. He will co-chair Practising Law Institute’s upcoming program on Patenting Blockchain and Distributed Ledger Technologies. Mr. Gordon received his BS from Yale University, where he double majored in Physics and Philosophy.

Tell me about your background, how you got involved in blockchain, and your current work!

I doubled majored in Physics and Philosophy. After college, I worked as an options trader. I also have an MS in Computer Science, and I’d already done a fair amount of work in FinTech as a patent lawyer. Really, I do patent prosecution. I draft applications and then I negotiate them through the U.S. patent office. I have got a fair number of patents for major financial companies, and blockchain technology seemed to be something gaining increasing importance from these players; I started having clients come to me with patent issues relating to blockchain.

What interests me is that, until three to four months ago, I had never had a client come to me with a cryptocurrency-related application, even though people are most familiar with that application of blockchain. In. fact, none of those first applications had to do with cryptocurrencies. They were about things like distributed ledgers and databases, supply chain management, or chains of custody. In the past few months, I’ve been working fairly heavily with cryptocurrencies, but that’s a relatively new development.

Is that because the players in the non-crypto blockchain space are more institutional (e.g., health care companies) than some of the crypto players (e.g., quant traders) who might not deem it necessary to file patents?

No, I don’t think it has to do with that. Frankly, I think it’s more or less been incidental. These are the clients I was working with, these are the issues they happen to bring in, and it was other clients that started working with these aspects later.

I do think that whatever the popular view holds for blockchain and its use cases, the fact is that it’s of much wider potential importance than simply cryptocurrencies. It is really possible that this technology is transformative when it comes to issues of trust, authority, and data accessibility. I think these are really the main opportunities presented by blockchain, and simply to say that crypto has one kind of participants while other non-crypto blockchain players have another kind of participants is letting yourself get sidetracked. 

The really short version is that blockchains are so much more than crypto, and if you don’t keep that in mind from the very start, then you’re probably going to miss the point.

What technological innovation would you compare blockchain to?

I don’t know. It’s a revolutionary new kind of database, but is it the same as the relational database, which dates back to the 50s or 60s? I don’t think so. I think the real problem with evaluating the technology in terms of comparisons is that you can only accurately do so in hindsight.

I heard a story—I forget what the invention was, but it was something that wound up radically changing the world. Anyway, at the time of an early demonstration, some onlooker asked what the use of the thing was. The response given was, “What use is a newborn baby?” I happen to have a newborn baby, and blockchains are very different, but you really have to wait and see what develops before you can make thoughtful comparisons.

I think that it does offer a technical means to transform a lot of kinds of financial and legal relationships. I don’t think the transformation is going to be on the same scale as the internet, but I think it’s a similar kind of transformation. 

Are you able to bracket off the different kinds of patent applications you’re receiving? E.g., digital identity, cryptocurrencies, etc.

Here’s the thing. You can try to get a patent at different levels of the technology stack. You can come up with some sort of algorithmic improvement to blockchain implementation. That’s really at the heart of the technology. You will see some applications on that level, but they tend to be less common because many blockchain applications rely on their popularity for network effects. So, if you pursue a patent as a form of gatekeeping, that’s going to keep people from taking advantage of your innovation, and you’re discouraged people from creating value for you in the first place. 

There are other levels, too. Think about a new circuit for crypto mining. You might get a patent to build custom hardware. Then, there are issues of things you can do on someone else’s blockchain, as well. This could be an application that you build on top of the Ethereum blockchain, because the technology can be used for many different purposes– not just crypto, but certain things like identity management.

One application that struck me was from IBM, I think, and it dealt with using a smart contract as a way of getting people to run test cases for software. Basically, the test case itself would be distributed as data on the blockchain, as well as the smart contract, and the smart contract could tell whether someone had executed the test case. That person would then receive a reward for having done this work. So, IBM found a way to incentivize people to go and test their software, which is important because complex software needs to be tested.

You’re really going to see applications at all levels of the stack. You’re going to see fewer applications in some areas because the whole point of a patent is to get exclusivity, and there may be cases where exclusivity is counterproductive. You may also run up on limitations in the patent law as to what can or can’t be patented. This is an area where there’s generally been a lot of controversy in patent law. The Supreme Court introduced a great deal of uncertainty through a series of decisions, and this is especially the case with computer-implemented interventions. So, there are real issues that directly intersect with blockchain.

What’s one topic you think about frequently that you doubt anyone else has talked to me about?

This is actually one issue that I will go on and on about to anybody who has the poor judgment to stand still long enough: a lot of people think that cryptocurrencies, and blockchain in general, will eliminate the need for trust. I think that’s a terribly naïve viewpoint.

There’s a paper written in the 1980s by Ken Thompson, one of the original designers of the Unix operating system. It’s called “Reflections on Trusting Trust.” Thompson describes, as a proof of concept, that he was able to put an untraceable backdoor in Unix. What he did was modify the login program. When you log in to a Unix-based computer, there’s a program that decides whether you get logged in, and he modified that to create a backdoor so that he could log in to any system, whether or not someone gave him access. 

Now, anybody could tell that the backdoor was there by looking at the source code of the login program. So, what he did next was modify the C compiler. The C compiler is basically a program that takes the source code that a programmer writes and converts it into executable code for the computer. He took the C compiler, and he modified it so that it could tell when the login program was being recompiled. The C compiler would insert the backdoor into the login program while it was being recompiled, whether that backdoor was in the source code of the login program or not. Now, this additional modification could be detected if you looked at the source code of the C compiler. But, he made a further modification so the C compiler could look at whether the compiler was being used to compile a new version of itself. If it was, the compiler would insert the modifications into the new version, whether they were in the source code or not.

When he had a version of the C compiler that would do this, he recompiled the C compiler from clean source code that didn’t have the backdoor inserted, but had been created with a modified compiler. So he had a modified version of the C compiler that had been compiled from clean source code. Then he used this version of the compiler to recompile the login program from clean source code, and the compiler reinserted the back door in the recompiled login program.  What you wound up with was this chain of software tools, a C compiler and a login program, and all of these tools had been modified to ensure that the backdoor would be present in the programs yet undetectable in the source code. 

Thompson’s point was that you can’t trust software that you haven’t fully created by yourself. Why that’s important is because it’s impossible to only use software that you’ve fully created by yourself. Even in the earliest days, you had to rely on tools written by other people. Today, we’re using these massive software constructions just by logging into our desktops, so no one is in complete control of the software, or the operating system, that they are using for their blockchain applications. By using a blockchain for whatever implementation, they are changing whom they trust; they are not eliminating trust. I wouldn’t say that’s often overlooked, but it’s certainly glossed over far too often, and I think people really need to be careful about that.

It’s a bootstrapping problem. It’s not turtles all the way down, because at some point, these tools were actually created, and the most basic tools were created by hand. So, at some point, you do in fact reach an ending. But it’s simply not practical to go back to the ending point for every system. Because of that, you are trusting someone, and if you simply pretend that using blockchain, or crypto, or smart contracts means you don’t have to trust people, then you are actually creating a new vulnerability.

Using these tools—blockchains, these data structures, and this computer infrastructure—will change who you trust in many cases, but again, it does not eliminate the need for trust. And you need to keep in mind whom you’re trusting.

Leave a comment

Your email address will not be published. Required fields are marked *